Avoiding Web Scams – PART 1

Posted on 03. Dec, 2005 by in Saving & Investing

As the holidays approach, more and more of us will be doing our shopping online this year – and you should be informed of the latest web scams so that you can avoid becoming a growing statistic of people duped by a new breed of con artists. Because there is so much to write about this subject I will break it up into a multi-part article – so be sure to check back and read the other parts!

Don’t Go PhishingDon’t Go Phishing
I wanted to cover this topic first because phishing is on the rise and more and more people are falling victim to it. As the holidays get closer you’ll no doubt receive more and more emails from online retailers advertising their latest and greatest sale. However, not all of those emails are legitimate.

Phishing is the practice of sending emails that look exactly like legitimate emails from companies you do business with everyday. Some of the most popular include eBay, PayPal, Washington Mutual, Bank of America, etc. “Phishers” create an email with the company’s logo and contact information on it so that you won’t know the difference. These emails typically ask you to confirm your account information because [insert any number of excuses]. The email will also contain some link or button for you to click so that you can visit the website and update your information. However, those links and buttons actually take you to a website that looks exactly like the one you intended to visit – but instead of logging you in to your account, the website records your username and password so that the “Phisher” can visit the legitimate site later and use your account information to steal from you.

So the question is: how do you know if an email is legitimate or not? Here are a few of the major signs to look for:

  1. Misspelled words – because phishers are most likely foreigners there might be simple and obvious spelling mistakes. But Wells Fargo would never send an email to you with spelling mistakes, would they?
  2. Fake URLs – before clicking on a link or button, look at the bottom of your browser or email program to see where the link is going to take you. Look for legitimate emails like “chase.com”. Avoid links that look like this: “http://www.signin/chaseb.com/12332%?pasd”.
  3. Reason for the email – think about what the email is about and ask yourself if a company would contact you in that way. For example, if your account has been compromised, do you think your bank would contact you through email to “CONCERNED CUSTOMER”? More likely they would call you and let you know of any problems.
  4. Know the company – you have probably received emails from eBay before, so ask yourself if this one looks similar. Has eBay ever asked you to login from an email before? Also, if you don’t even know the company who is emailing you, then stay away!

Although these are a few tell-tale signs of phishing emails, the problem is that these signs are not foolproof. Sometimes you’ll receive a legitimate email that links to “http://www.wellsfargo1.com” that would raise a red flag in your mind. And phishers are becoming more sophisticated as well. Oftentimes they are able to hide those URLs so the link you’re clicking looks legitimate but it really isn’t. So here are some tips on how to protect yourself from having your credit card or bank information stolen from you – with your permission!

  1. NEVER CLICK ON EMAIL LINKS – I can’t really emphasize this one enough. If you receive an email from your bank asking you to login and confirm information, open up your web browser and go to the site yourself – do not click on the link in your email! I know that there are some emails that legitimately include links so it’s easier for you to get to the company’s website – but in this case it pays to be safe. Avoid links like the money-stealing plague.
  2. Invest in Antivirus Software – And by “invest” I mean go out and spend some actual cash. The $30 that antivirus suite will set you back will pale in comparison if your bank account gets hijacked and you’re out $5,000!
  3. Keep Spyware in Check – This time, you don’t even need to spend a cent. Some of the best spyware software out there is completely free! Check out Cnet’s Spyware Center to read about and download the latest spyware programs
  4. Keep Software Updated – You’ve heard it a million times, but I’m going to say it again. Be sure to keep your software updated – everything from Windows to Norton Antivirus. Those update pop-ups that might seem annoying are really the best thing you can do for your computer to keep it protected from viruses and other infections that might result from clicking on a phishing email.
  5. Be Smart – It’s simple to say, but just exercise common sense when reading emails and browsing the internet. If something looks suspicious then stay away!

If you think you’re ready, take the “Phishing IQ Test” yourself to see if you can spot a fake email. You’ll see some actual phishing emails and some additional tips on spotting – and avoiding – these types of emails. Also check out these sites for additional reading:

Be sure to come back to check out PART 2: Online Credit Card Safety 101.

credit card, fraud, phishing, web scam, identity theft


  1. BeancounterBlog.com » IRS Warns About Email Scam About Tax Refunds - December 6, 2005

    […] Following up with “Avoiding Web Scams – PART 1” the IRS issued a warning last week about a new phishing email scam in which consumers receive an e-mail informing them of a tax refund. The e-mail, which claims to be from the IRS, directs the you to a link that requests personal information, such as Social Security number and credit card information. This scheme is an attempt, just like every other phishing email, to trick the e-mail recipients into disclosing their personal and financial data. […]

  2. BeancounterBlog.com » Avoiding Web Scams - PART 2 - December 13, 2005

    […] Avoiding Web Scams – PART 1 covered the dangers of phishing and how to avoid them. Avoiding Web Scams – PART 2 focuses on online credit card usage during the holidays. […]

  3. BeancounterBlog.com » Google Safe Browsing for Firefox Highlights Phishers - December 16, 2005

    […] As a quick follow-up to Avoiding Web Scams – PART 1 I thought I would let you know that my friends over at Google have created a neat little Firefox extension called Google Safe Browsing that alerts you to web pages that are most likely fake. This type of attack, known as phishing or spoofing, is becoming more sophisticated, widespread and dangerous. That’s why it’s important to browse safely with Google Safe Browsing. By combining advanced algorithms with reports about misleading pages from a number of sources, Safe Browsing is often able to automatically warn you when you encounter a page that’s trying to trick you into disclosing personal information. […]

  4. bigblue - December 20, 2005

    […] This is the moon tonight. This evening I went to Belper to have supper with Lynette and Alan, for the last time this year. In two sleeps I am flying South to a warmer place for Christmas. With the increase in online shopping this shopping season, the articles Avoiding Web Scams Part 1 and Part 2 are timely. There are so many internet shopping portals available now, such as Pricerunner and Froogle, and still they appear. A recent addition is Gooshing which claims to be a free ethical shopping tool. No doubt their system still needs tweaking. On the digital cameras page they list the Canon 1DS Mark II camera as being available for under ?250. This is a professional camera that costs over ?5000, so that is quite a deal, or would be if it were true. There seem to be four (very different) cameras selling for exactly the same price: Posted by: bigblue on 19 Dec 05 | 11:38 pm | Profile [0] comments (0 views) |  [0] Trackbacks   [0] Pingbacks […]

  5. BeancounterBlog.com » A Ponzi Scheme Even Ponzi Would be Ashamed of - January 19, 2006

    […] So even if you think a college campus is safe – think again. Scammers and fraudsters are everywhere and will do anything to get your money. Just be sure to be aware of anything too good to be true. […]

  6. BeancounterBlog.com » Blog Archive » IRS Email Scam Rises - April 9, 2006

    […] If you haven’t already received a suspicious looking email from the IRS this month then count yourself lucky. Thousands of people have been fooled this year by a myriad of emails – supposedly from the IRS – that tell you about your potential refund if you will only “log-in to the IRS website” and enter your personal information. I’ve written about the dangers of phishing before, but this latest attack seems to be more effective than normal because it’s tax season and people are expecting refunds from the IRS. In response to the growing number of “IRS-looking” emails, the IRS has recently set up a mailbox at phishing@irs.gov where you can report suspicious emails. The IRS’s new mail box allows taxpayers to send copies of possibly fraudulent e-mails involving misuse of the IRS name and logo to the IRS for investigation. However, due to the volume the new mailbox is expected to receive, the IRS will not be able to acknowledge receipt or reply to taxpayers who submit their bogus e-mails. […]

  7. JasonGuthrie.net » Why The Internet Scares Me - February 25, 2008

    […] will grow up to be “Internet experts” and be able to avoid the Internet slums, sidestep Phishing schemes, and find the truth among the millions of […]

Leave a Reply